<?php

/**
 * Used to log into the I2C System.
 */
class dbCredentials {

    /**
     * Logs into the system using the credentials that you pass the function
     * @param Credentials $cred Credentials with a username and password
     * @return bool Returns true on login success, false if login fails
     */
    static function login($cred) {
        if (!($cred instanceof Credentials)) {
            return false;
        }
        include 'inc/functions.php';
        $username = sanitizeStr($cred->getUsername());
        $pw = sanitizeStr($cred->getPassword());
        //$pw = encryptStr($pw);
        connectToDatabase();
        $result = mysql_query("SELECT username,fname,lname,permissionLevel,userID
                FROM sysuser WHERE username='$username' AND password='$pw'");
        echo mysql_error();
        mysql_close();

        $row = mysql_fetch_assoc($result);
        if (!$row['userID']) {
            return false;
        } else {
            dbCredentials::setLoginSession($row);
            return true;
        }
    }

    /**
     * Sets the session variables with the login credentials
     * @param array $row
     */
    private static function setLoginSession($row) {
        $_SESSION['username'] = $row['username'];
        $_SESSION['fname'] = $row['fname'];
        $_SESSION['lname'] = $row['lname'];
        $_SESSION['permissionLevel'] = $row['permissionLevel'];
        $_SESSION['userID'] = $row['userID'];
    }

}

?>
